syzbot


INFO: task hung in copy_process

Status: auto-closed as invalid on 2019/10/25 08:48
Reported-by: syzbot+1f6cad35aa03f5f82053@syzkaller.appspotmail.com
First crash: 2032d, last: 2028d
Similar bugs (8)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| linux-4.19 | INFO: task hung in copy_process | | | | 1 | 1665d | 1665d | 0/1 | auto-closed as invalid on 2020/08/29 04:01 |
| upstream | INFO: task hung in copy_process (2) kernel | | | | 1 | 2031d | 2031d | 0/28 | closed as invalid on 2019/05/08 13:05 |
| android-414 | INFO: task hung in copy_process (2) | | | | 1 | 1845d | 1844d | 0/1 | auto-closed as invalid on 2020/03/02 19:22 |
| upstream | INFO: task hung in copy_process kernel | | | | 2 | 2121d | 2266d | 0/28 | closed as dup on 2018/09/08 14:03 |
| linux-4.19 | INFO: task hung in copy_process (2) | | | | 1 | 1086d | 1086d | 0/1 | auto-closed as invalid on 2022/03/30 21:31 |
| linux-4.19 | INFO: task hung in copy_process (3) | | | | 1 | 677d | 677d | 0/1 | upstream: reported on 2023/01/14 12:40 |
| android-49 | INFO: task hung in copy_process | | | | 1 | 2059d | 2052d | 0/3 | auto-closed as invalid on 2019/09/30 05:31 |
| android-414 | INFO: task hung in copy_process | | | | 2 | 1974d | 2052d | 0/1 | auto-closed as invalid on 2019/10/25 13:42 |

Sample crash report:
INFO: task syz-executor.3:12651 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29096 12651   7008 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12657 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D28840 12657  12651 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12681 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D28864 12681  12656 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12701 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29488 12701  12657 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12720 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29144 12720  12651 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12734 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29304 12734  12654 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12762 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29288 12762  12703 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12775 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29288 12775  12698 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12782 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29464 12782  12666 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff
INFO: task syz-executor.3:12785 blocked for more than 140 seconds.
      Not tainted 4.14.116 #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D29096 12785  12729 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2807 [inline]
 __schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
 schedule+0x92/0x1c0 kernel/sched/core.c:3427
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline]
 rwsem_down_write_failed+0x5cd/0xbe0 kernel/locking/rwsem-xadd.c:601
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:56
 i_mmap_lock_write include/linux/fs.h:470 [inline]
 dup_mmap kernel/fork.c:681 [inline]
 dup_mm kernel/fork.c:1199 [inline]
 copy_mm kernel/fork.c:1253 [inline]
 copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
 copy_process kernel/fork.c:1570 [inline]
 _do_fork+0x19e/0xce0 kernel/fork.c:2058
 SYSC_clone kernel/fork.c:2168 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2162
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x200003ca
RSP: 002b:00000000000002f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200003ca
RDX: c5badefbcd4c4e2a RSI: 00000000000002f0 RDI: 0000000000000003
RBP: 0000000000000077 R08: 0000000000000005 R09: 0000000000000006
R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b
R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff

Showing all locks held in the system:
1 lock held by khungtaskd/1009:
 #0:  (tasklist_lock){.+.+}, at: [<ffffffff81488bf8>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4541
2 locks held by rsyslogd/6839:
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff81299a9a>] __do_page_fault+0x2ca/0xb80 arch/x86/mm/fault.c:1354
 #1:  (&ei->i_mmap_sem){++++}, at: [<ffffffff81c40dbb>] ext4_filemap_fault+0x7b/0xb0 fs/ext4/inode.c:6136
2 locks held by cron/6882:
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff81299a9a>] __do_page_fault+0x2ca/0xb80 arch/x86/mm/fault.c:1354
 #1:  (&ei->i_mmap_sem){++++}, at: [<ffffffff81c40dbb>] ext4_filemap_fault+0x7b/0xb0 fs/ext4/inode.c:6136
2 locks held by getty/6962:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861cb693>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff831159b6>] n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/6963:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861cb693>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff831159b6>] n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/6964:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861cb693>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff831159b6>] n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/6965:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861cb693>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff831159b6>] n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/6966:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861cb693>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff831159b6>] n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/6967:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861cb693>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff831159b6>] n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/6968:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861cb693>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff831159b6>] n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
1 lock held by syz-fuzzer/6985:
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff81810af9>] SYSC_madvise mm/madvise.c:827 [inline]
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff81810af9>] SyS_madvise+0x1b9/0x1350 mm/madvise.c:791
2 locks held by syz-fuzzer/6998:
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff81299a9a>] __do_page_fault+0x2ca/0xb80 arch/x86/mm/fault.c:1354
 #1:  (&ei->i_mmap_sem){++++}, at: [<ffffffff81c40dbb>] ext4_filemap_fault+0x7b/0xb0 fs/ext4/inode.c:6136
2 locks held by syz-fuzzer/7000:
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff81299a9a>] __do_page_fault+0x2ca/0xb80 arch/x86/mm/fault.c:1354
 #1:  (&ei->i_mmap_sem){++++}, at: [<ffffffff81c40dbb>] ext4_filemap_fault+0x7b/0xb0 fs/ext4/inode.c:6136
1 lock held by syz-executor.3/7008:
 #0:  (&mm->mmap_sem){++++}, at: [<ffffffff81299a9a>] __do_page_fault+0x2ca/0xb80 arch/x86/mm/fault.c:1354
3 locks held by syz-executor.3/12650:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
4 locks held by syz-executor.3/12651:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] i_mmap_lock_write include/linux/fs.h:470 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mmap kernel/fork.c:681 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mm kernel/fork.c:1199 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_mm kernel/fork.c:1253 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12652:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12654:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12656:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
4 locks held by syz-executor.3/12657:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] i_mmap_lock_write include/linux/fs.h:470 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mmap kernel/fork.c:681 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mm kernel/fork.c:1199 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_mm kernel/fork.c:1253 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12659:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
4 locks held by syz-executor.3/12664:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] i_mmap_lock_write include/linux/fs.h:470 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mmap kernel/fork.c:681 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mm kernel/fork.c:1199 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_mm kernel/fork.c:1253 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12666:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12667:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12668:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12669:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12670:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12671:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12672:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12673:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12674:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12676:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12677:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12678:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12679:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12680:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
4 locks held by syz-executor.3/12681:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] i_mmap_lock_write include/linux/fs.h:470 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mmap kernel/fork.c:681 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mm kernel/fork.c:1199 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_mm kernel/fork.c:1253 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12682:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12683:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
4 locks held by syz-executor.3/12684:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] i_mmap_lock_write include/linux/fs.h:470 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mmap kernel/fork.c:681 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] dup_mm kernel/fork.c:1199 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_mm kernel/fork.c:1253 [inline]
 #3:  (&mapping->i_mmap_rwsem){++++}, at: [<ffffffff81371ed7>] copy_process.part.0+0x4147/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12685:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12686:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12687:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12688:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12689:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mmap kernel/fork.c:616 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] dup_mm kernel/fork.c:1199 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_mm kernel/fork.c:1253 [inline]
 #2:  (&mm->mmap_sem/1){+.+.}, at: [<ffffffff81371a95>] copy_process.part.0+0x3d05/0x6950 kernel/fork.c:1755
3 locks held by syz-executor.3/12690:
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mmap kernel/fork.c:606 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] dup_mm kernel/fork.c:1199 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_mm kernel/fork.c:1253 [inline]
 #0:  (&dup_mmap_sem){.+.+}, at: [<ffffffff81371a3f>] copy_process.part.0+0x3caf/0x6950 kernel/fork.c:1755
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mmap kernel/fork.c:607 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] dup_mm kernel/fork.c:1199 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_mm kernel/fork.c:1253 [inline]
 #1:  (&mm->mmap_sem){++++}, at: [<ffffffff81371a5b>] copy_process.part.0+0x3ccb/0x6950 kernel/fork.c:1755

Crashes (4):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/05/04 11:30 | linux-4.14.y | 6d1510d86ef6 | d28f4ce5 | .config | console log | report | | | | | ci2-linux-4-14 | |
| 2019/05/03 15:31 | linux-4.14.y | 1c046f373132 | 1bfa09b9 | .config | console log | report | | | | | ci2-linux-4-14 | |
| 2019/05/02 16:33 | linux-4.14.y | 1c046f373132 | 1852eb18 | .config | console log | report | | | | | ci2-linux-4-14 | |
| 2019/04/30 02:16 | linux-4.14.y | fa5941f45d7e | b617407b | .config | console log | report | | | | | ci2-linux-4-14 | |
* Struck through repros no longer work on HEAD.